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CLAIMS 



Having thus /described our invention, what we claim as new and 
desire to secure by Letters Patent is as follows: 




1. A met/hod for classifyi/ig a data packet, the method 
omprismti: 



receivi 
tree; 



ng the data packet at a root node of a classification 



successively passing the data packet to each child of a first 
tree level! until a fi^rst child of the first tree level of the 
classification tree indicates a satisfaction of a node-criteria 
of said first child/£ and the first child forming said data packet 
into a ma/tched pacyket ; and 




speatiing the^ step of passing and forming for a next tree 
fvel ur/til ncy first child of said next level at a succeeding 
next leiel indicates satisfaction of the node-criteria of said 
first child" of said next level, 



2. A method as recited in claim 1, wherein the step of passing 
includes executing a set of code which returns a status 
indication. 

3. A method as recited in claim 1, wherein the step of forming 
includes the first child specifying a set of code to be run 
subsequently. 
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1 4. A method as ijecited in claim 3, wherein the step of 

2 specifying includds specifying the set of code to be run 

3 following satisfaction. 

4 5. A method as recited in claim 1, further comprising 

5 dynamically adding at least one node in at least one level of the 

6 classification tree. 

7 6, A method as recited in claim 5, wherein said at least one 

8 new child node its a Real Audio node. 

9 / 

10 7. A method fpr classifying a packet, said method comprising 

11 suspending a packet classification process in progress for said 
II packet; and obtaining external information employed in said 

j[| classifying. / 

|| 8. A method /in claim 7, wherein the step of obtaining includes 

il augmenting a node-criteria of a node in a classification tree 

16 with externa]/ information. 
C3 / 

p7 9. A methad as in claim 8, wherein the external information 

|$ includes identification of the originator of said packet. 

19 10. A metWod as in claim 8, wherein the external information 

20 includes authentication of an originator of said packet. 

21 11. A method as recited in claim 7, wherein the classification 

22 process isl an extendible classifier process. 
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12. A method as recited in claim 1, further comprising the step 
of parsing said matched! packet and generating relevant 
information. j 



13. A method as recited in claim 1, further comprising the step 
of transforming said hatched packet into a transformed packet. 

14. A method as recAted in claim 1, further comprising 
associating the packet with a last first child indicating 
satisfaction. / 

15. A method as rfecited in claim 14, further comprising 
executing a set of code in accordance with said last first child. 

16. A method as /recited in claim 1, further comprising 
determining a disposition of the data packet. 

17. A method for determining disposition of a packet received at 
a child node, said method comprising: 

passing said packet and a first disposition of said packet to an 
external process; and 

said external/ process augmenting the packet disposition by 
employing a process specific means; and returning the augmented 
packet and am augmented disposition to the child node. 

18. A methad as recited in claim 17, further comprising 
suspending a disposition process in progress for said packet. 
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1 19. A method as in clj'im 18, wherein the augmented disposition 

2 includes identification of an originator of said packet. 

3 20. A method as in claim 18 wherein the augmented disposition 

4 includes authentication of an originator of said packet. 

5 21. A method as racited in claim 18, wherein the disposition is 

6 employed for poliay enforcement. 

7 22. A method as recited in claim 16, further comprising 

8 employing the classification process as a firewall. 

9 23. A method/as recited in claim 1, further comprising employing 

IQ the classification process for application level classification. 
I / 

1ST / 

: / 

y § / 

11 24. A methJbd as recited in claim 23, further comprising 

12 employing fhe classification process for policy enforcement, 

|3 25. A metfhod as recited in claim 23, further comprising 

14 employing/ the classification process for rate limiting. 



26. A mjfethod as recited in claim 23, further comprising 
employing the classification process for load balancing. 



17 27. PJ method as recited in claim 1, further comprising employing 

18 the c/assif ication process to shape traffic . 

19 28. An apparatus to classify a data packet, the apparatus 

20 comprising: 
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1 

2 
3 
4 
5 



a network interface 



device to receive the data packet from the 
physical network and pass the data packet to the root node of a 
classification tree, ard the reverse, to receive the data packet 
from the root node and send the data packet to the physical 
network; 



6 a packet module ta successively pass the packet from child 

7 node to child node au a next tree level until a first child node 

8 of the next tree level of the classification tree which indicates 

9 a satisfaction of a node-criteria of the first child node, and to 

10 form the data packet/ into a matched packet until no first child 

11 node of at a succeeding next level indicates satisfaction of the 

12 first node-criteria f of the first child node of the succeeding 

13 next level. 

V- 1 

|3 29. An apparatus a/s recited in claim 28, wherein a portion of 
r n / 

11 the apparatus is implemented as an accelerator chip. 

16 30. An apparatus /as recited in claim 28, wherein the apparatus 

If is employed for application level classification. 



31. An apparatus! as recited in claim 28, wherein the apparatus 
is employed as a [firewall. 



20 32. An apparatus as recited in claim 28, wherein the apparatus 

21 is employed as a border server. 

22 33. A method as recited in claim 2, wherein the status 

23 indication is of the pm t type. 
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1 34. An article of manufacture comprising a computer usable 

2 medium having computer/ readable program code means embodied 

3 therein for causing classification of a data packet, the computer 

4 readable program code means in said article of manufacture 

5 comprising computer /readable program code means for causing a 

6 computer to effect /the steps of claim 1. 

7 35. An article ©f manufacture as recited in claim 34, the 

8 computer readable program code means in said article of 

9 manufacture further comprising computer readable program code 

10 means for causi/ng a computer to effect dynamically adding at 

11 least one node/in at least one level of the classification tree. 

O 36. An article of manufacture comprising a computer usable 

13 medium havina computer readable program code means embodied 

=13 therein for causing classification of a data packet, the computer 

JJ readable program code means in said article of manufacture 

4?> comprising /computer readable program code means for causing a 

17 computer to effect the steps of claim 8. 

zx j 

Jjj8 37. A computer program product comprising a computer usable 

kp medium having computer readable program code means embodied 

therein /for causing a determination of a disposition of a packet, 

21 the computer readable program code means in said computer program 

22 producn comprising computer readable program code means for 

23 causing a computer to effect the steps of claim 

24 18. / 

25 38. iAn apparatus for classifying a data packet, the apparatus 

26 comprising: 
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means for receiving the data packet at a root node of a 
classification tree; 



means for successively passing the data packet to each child 
of a first tree /level until a first child node of the first tree 
level of the classification tree indicates a satisfaction of a 
node-criteria/of said first child node, and the first child node 



forming said 



means for 
next tree le\ 



data packet into a matched packet; and 



repeating the steps of passing and forming for a 
el until no first child node of said next tree level 
at a succeeding next level indicates satisfaction of the 
node-criteri/a of said first child node of said succeeding next 
level . 



39. An apparatus for determining disposition of a packet 
received ap a child node, said apparatus comprising: 

an interrupt context of a control program, said child node 
existing within the interrupt context; 

an external process outside of the interrupt context of the 
control program; 

means foJ passing said packet and a first disposition of said 
packet ti the external process, said external process to. augment 
the packet disposition by employing a process specific means and 
to return an augmented packet with an augmented disposition to 
the chiljd node; and 
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1 said interrupt context including means for receiving said 

2 augmented packet and said augmented disposition from said 

3 external process. 



E3 
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